[Frugalware-darcs] frugalware-0.6: clamav-0.90.2-1terminus3-i686

voroskoi voroskoi at frugalware.org
Sun Aug 5 11:22:05 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070805091514-dd049-18d4faa9686a48dce1d09d7b27f42aae751992e9.gz;

[clamav-0.90.2-1terminus3-i686
voroskoi <voroskoi at frugalware.org>**20070805091514
 secfix relbump, closes #2257
] {
addfile ./source/apps-extra/clamav/CVE-2007-3725.diff
hunk ./source/apps-extra/clamav/CVE-2007-3725.diff 1
+Index: unrar.c
+===================================================================
+--- clamav/libclamav/unrar/unrar.c	(revision 3126)
++++ unrar.c	(working copy)
+@@ -1650,7 +1650,7 @@
+ 			cli_dbgmsg("Computed File CRC: 0x%x\n", state->unpack_data->unp_crc^0xffffffff);
+ 			if (state->unpack_data->unp_crc != 0xffffffff) {
+ 				if (state->file_header->file_crc != (state->unpack_data->unp_crc^0xffffffff)) {
+-					cli_warnmsg("RAR CRC error. Please report the bug at http://bugs.clamav.net/\n");
++					cli_warnmsg("RAR CRC error. If the file is not corrupted, please report at http://bugs.clamav.net/\n");
+ 				}
+ 			}
+ 			if (!retval) {
+Index: unrarvm.c
+===================================================================
+--- clamav/libclamav/unrar/unrarvm.c	(revision 3126)
++++ unrarvm.c	(working copy)
+@@ -347,18 +347,18 @@
+ 	unsigned int file_offset, cur_pos, predicted;
+ 	int32_t offset, addr;
+ 	const int file_size=0x1000000;
+-	
++
+ 	switch(filter_type) {
+ 	case VMSF_E8:
+ 	case VMSF_E8E9:
+ 		data=rarvm_data->mem;
+ 		data_size = rarvm_data->R[4];
+ 		file_offset = rarvm_data->R[6];
+-		
+-		if (data_size >= VM_GLOBALMEMADDR) {
++
++		if ((data_size >= VM_GLOBALMEMADDR) || (data_size < 4)) {
+ 			break;
+ 		}
+-		
++
+ 		cmp_byte2 = filter_type==VMSF_E8E9 ? 0xe9:0xe8;
+ 		for (cur_pos = 0 ; cur_pos < data_size-4 ; ) {
+ 			cur_byte = *(data++);
hunk ./source/apps-extra/clamav/FrugalBuild 6
-pkgrel=1terminus2
+pkgrel=1terminus3
hunk ./source/apps-extra/clamav/FrugalBuild 18
-	31_others.c.CVE-2007-3024.dpatch.diff)
+	31_others.c.CVE-2007-3024.dpatch.diff \
+	CVE-2007-3725.diff)
hunk ./source/apps-extra/clamav/FrugalBuild 42
-          '766cd15c0856b328520f603dfe1fd75f84f78621')
+          '766cd15c0856b328520f603dfe1fd75f84f78621' \
+          '699ab0197b39df250582ec488e51bf173c9ce32f')
}


More information about the Frugalware-darcs mailing list